General
Target: 829cadee0d03495a0fb24c959.exe
Size: 790KB
Sample: 230709-xvlv5sfc52
MD5: 829cadee0d03495a0fb24c959f11a1d0
SHA1: 016655462d6fe5340d1589e9f2e8e702c955184e
SHA256: 79281c19da4dcb0340c2f62b8ef029791a6f6772852ff45aa2108cdeae265b51
SHA512: 30f4960dfc0a38fbb0c24c3fea1ac38b16d74538a5610ab8d0fcc768f306dec4c579008089e53010aeecf3ce2792c2fbb63b64f655838582f5472279ff053262
SSDEEP: 24576:oLRlTv582gyB0OCJcdjtJcFxagh/3xO5fmCbz:oVZGMs0KwSOmCbz
Static task: static1
Behavioral task: behavioral1
Sample: 829cadee0d03495a0fb24c959.exe
Resource: win7-20230703-en
Behavioral task: behavioral2
Sample: 829cadee0d03495a0fb24c959.exe
Resource: win10v2004-20230703-en
Malware Config
Extracted
redline
norm
77.91.68.70:19073
auth_value: 1514e6c0ec3d10a36f68f61b206f5759
Targets
Target: 829cadee0d03495a0fb24c959.exe
Detects Healer an antivirus disabler dropper
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application